001: /*
002: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003: *
004: * Copyright 1997-2007 Sun Microsystems, Inc. All rights reserved.
005: *
006: * The contents of this file are subject to the terms of either the GNU
007: * General Public License Version 2 only ("GPL") or the Common
008: * Development and Distribution License("CDDL") (collectively, the
009: * "License"). You may not use this file except in compliance with the
010: * License. You can obtain a copy of the License at
011: * http://www.netbeans.org/cddl-gplv2.html
012: * or nbbuild/licenses/CDDL-GPL-2-CP. See the License for the
013: * specific language governing permissions and limitations under the
014: * License. When distributing the software, include this License Header
015: * Notice in each file and include the License file at
016: * nbbuild/licenses/CDDL-GPL-2-CP. Sun designates this
017: * particular file as subject to the "Classpath" exception as provided
018: * by Sun in the GPL Version 2 section of the License file that
019: * accompanied this code. If applicable, add the following below the
020: * License Header, with the fields enclosed by brackets [] replaced by
021: * your own identifying information:
022: * "Portions Copyrighted [year] [name of copyright owner]"
023: *
024: * Contributor(s):
025: *
026: * The Original Software is NetBeans. The Initial Developer of the Original
027: * Software is Sun Microsystems, Inc. Portions Copyright 1997-2006 Sun
028: * Microsystems, Inc. All Rights Reserved.
029: *
030: * If you wish your version of this file to be governed by only the CDDL
031: * or only the GPL Version 2, indicate your decision by adding
032: * "[Contributor] elects to include this software in this distribution
033: * under the [CDDL or GPL Version 2] license." If you do not indicate a
034: * single choice of license, a recipient has the option to distribute
035: * your version of this file under either the CDDL, the GPL Version 2 or
036: * to extend the choice of license to its licensees as provided above.
037: * However, if you add GPL Version 2 code and therefore, elected the GPL
038: * Version 2 license, then the option applies only if the new code is
039: * made subject to such option by the copyright holder.
040: */
041:
042: package org.openide.execution;
043:
044: import java.io.ByteArrayOutputStream;
045: import java.io.File;
046: import java.io.PrintStream;
047: import java.net.URL;
048: import java.net.URLClassLoader;
049: import java.net.URLConnection;
050: import java.security.Permission;
051: import java.util.Arrays;
052: import org.netbeans.junit.NbTestCase;
053: import org.openide.filesystems.FileObject;
054: import org.openide.filesystems.LocalFileSystem;
055:
056: /** Test NbClassLoader.
057: * @author Jesse Glick
058: */
059: public class NbClassLoaderTest extends NbTestCase {
060:
061: public NbClassLoaderTest(String name) {
062: super (name);
063: }
064:
065: /** Ensure that a user-mode class can at least use findResource() to access
066: * resources in filesystems.
067: * @see "#13038"
068: */
069: public void testUsingNbfsProtocol() throws Exception {
070: System.setProperty("org.netbeans.core.Plain.CULPRIT", "true");
071: File here = new File(getClass().getProtectionDomain()
072: .getCodeSource().getLocation().getFile());
073: assertTrue("Classpath really contains " + here, new File(
074: new File(new File(new File(here, "org"), "openide"),
075: "execution"), "NbClassLoaderTest.class")
076: .canRead());
077:
078: File dataDir = new File(new File(new File(
079: new File(here, "org"), "openide"), "execution"), "data");
080: if (!dataDir.exists()) {
081: dataDir.mkdir();
082: }
083: File fooFile = new File(dataDir, "foo.xml");
084: if (!fooFile.exists()) {
085: fooFile.createNewFile();
086: }
087:
088: LocalFileSystem lfs = new LocalFileSystem();
089: lfs.setRootDirectory(here);
090: lfs.setReadOnly(true);
091: ClassLoader cl = new NbClassLoader(new FileObject[] { lfs
092: .getRoot() }, ClassLoader.getSystemClassLoader()
093: .getParent(), null);
094: System.setSecurityManager(new MySecurityManager());
095: // Ensure this class at least has free access:
096: System.getProperty("foo");
097: Class c = cl
098: .loadClass("org.openide.execution.NbClassLoaderTest$User");
099: assertEquals(cl, c.getClassLoader());
100: try {
101: c.newInstance();
102: } catch (ExceptionInInitializerError eiie) {
103: Throwable t = eiie.getException();
104: if (t instanceof IllegalStateException) {
105: fail(t.getMessage());
106: } else if (t instanceof Exception) {
107: throw (Exception) t;
108: } else {
109: throw new Exception(t.toString());
110: }
111: }
112: }
113:
114: public static final class User {
115: public User() throws Exception {
116: URLClassLoader ncl = (URLClassLoader) getClass()
117: .getClassLoader();
118: URL[] urls = ncl.getURLs();
119: if (urls.length != 1)
120: throw new IllegalStateException("Weird URLs: "
121: + Arrays.asList(urls));
122: URL manual = new URL(urls[0],
123: "org/openide/execution/data/foo.xml");
124: URLConnection uc = manual.openConnection();
125: uc.connect();
126: String ct = uc.getContentType();
127: /* May now be a file: URL, in which case content type is hard to control:
128: if (!"text/xml".equals(ct)) throw new IllegalStateException("Wrong content type (manual): " + ct);
129: */
130: URL auto = getClass().getResource("data/foo.xml");
131: if (auto == null)
132: throw new IllegalStateException(
133: "Could not load data/foo.xml; try uncommenting se.printStackTrace() in MySecurityManager.checkPermission");
134: uc = auto.openConnection();
135: uc.connect();
136: ct = uc.getContentType();
137: /* Ditto:
138: if (!"text/xml".equals(ct)) throw new IllegalStateException("Wrong content type (auto): " + ct);
139: */
140: // Ensure this class does *not* have free access to random permissions:
141: try {
142: System.getProperty("foo");
143: throw new IllegalStateException(
144: "Was permitted to access sys prop foo");
145: } catch (SecurityException se) {
146: // good
147: }
148: }
149: }
150:
151: private static final class MySecurityManager extends
152: SecurityManager {
153: public void checkPermission(Permission p) {
154: //System.err.println("cP: " + p);
155: if (ok()) {/*System.err.println("ok");*/
156: return;
157: }
158: try {
159: super .checkPermission(p);
160: } catch (SecurityException se) {
161: //se.printStackTrace();
162: //System.err.println("classes: " + Arrays.asList(getClassContext()));
163: throw se;
164: }
165: }
166:
167: public void checkPermission(Permission p, Object c) {
168: if (ok()) {/*System.err.println("ok");*/
169: return;
170: }
171: super .checkPermission(p, c);
172: }
173:
174: public void checkRead(String file) {
175: // Do not honor file read checks. TopSecurityManager actually leaves
176: // this blank for performance, but in fact very little would work if
177: // we restricted reads. nbfs: protocols would be useless, meaning user
178: // classes would not be able to load resources. This could be solved if
179: // necessary by creating a special kind of FilePermission returned from
180: // FileURL; it would be recognized by TSM.checkPermission and accepted.
181: }
182:
183: private boolean ok() {
184: Class[] cs = getClassContext();
185: int i = 0;
186: while (i < cs.length && cs[i] == MySecurityManager.class)
187: i++;
188: for (; i < cs.length; i++) {
189: if (cs[i] == MySecurityManager.class) {
190: // avoid recursion
191: return true;
192: }
193: }
194: ByteArrayOutputStream baos = new ByteArrayOutputStream(1000);
195: new Exception().printStackTrace(new PrintStream(baos));
196: if (baos.toString().indexOf(
197: "\tat java.security.AccessController.doPrivileged") != -1) {
198: // Cheap check for privileged actions.
199: // For some reason AccessController does not appear in the classContext
200: // (perhaps because it is a native method?).
201: return true;
202: }
203: for (int j = 0; j < cs.length; j++) {
204: if (cs[j].getClassLoader() instanceof NbClassLoader) {
205: return false;
206: }
207: }
208: return true;
209: }
210: }
211:
212: }
|